LATEST ARTICLES

Kernel Detective 1.3.0

A new version of Kernel Detective has been released by GamingMasteR - AT4RE.
Kernel Detective is a free tool that helps you detect, analyze, manually modify and fix some Windows NT kernel modifications. Kernel Detective gives you direct access to the kernel, so it is not aimed at newbies.
Kernel Detective gives you the ability to [...]

Filed under: Microsoft Windows

kX-Ray v1.0 Build 68 (32-bit XP-Only Build)

A new version of kX-Ray AntiRootkit Software has been released by |3 /^ () ( | Darawk’s ManualMap). Modules which have their PE headers destroyed (common practice for malware or game cheat authors), filenames zeroed out in memory (address of filename in the PEB) and PEB entries (linked lists) completely unlinked (i.e. Darawk’s CloakDLL method) [...]

Filed under: Microsoft Windows

Unvirex Removal Guide

Unvirex is rogue software: a false anti-spyware application. Unvirex can be installed by trojans (such as Zlob or false codecs), by web downloaders or, in rare cases, manually.
This rogue uses the typical techniques to scare users by showing fake messages stating that the PC is infected by a lot [...]

Filed under: Rogue Software

XP Deluxe Protector Removal Guide

XP Deluxe Protector (aka XPDeluxeProtector) is rogue software: a false anti-spyware application. XP Deluxe Protector can be installed by trojans (such as Zlob or false codecs), by web downloaders or, in rare cases, manually.
This rogue uses the typical techniques to scare users by showing fake messages stating that the [...]

Filed under: Rogue Software

Apple QuickTime Image Description Memory Corruption

A vulnerability was discovered in Apple QuickTime version 7.6 and prior versions:
Source: securiteam.com

When the data format field (offset 4 of the sample description table extension) is ‘RVZA’ (Apple Video), it is possible to trigger a sign extension vulnerability which leads to a buffer underflow. An attacker may overwrite crucial data such as function pointers, flags, [...]

Filed under: Apple, Security News

PluginVideo a false Codec that installs Trojan.DNSChanger

In recent days, while browsing the Internet, I was redirected to a file named VideoCodec.exe and another file named PluginCodec.exe. Both files are false video codecs and in reality are infected with Trojan.DNSChanger!
Trojan DNSChanger is a trojan that will modify the DNS settings on the compromised computer so the victims cannot update their antivirus anymore and [...]

Filed under: Malware Analysis

Messenger Infium 2009 Final - Removal Instructions

Messenger Infium 2009 Final is a new rogue program that displays annoying popups and also installs other backdoors and trojans. This software installs Remote Administrator (Radmin) 2.0 on the victim's PC.
What is Remote Administrator (Radmin)?

Radmin (Remote Administrator) is the world famous, award winning secure remote control software and remote access software which enables you [...]

Filed under: Rogue Software

Spam Campaigns use blog.360.yahoo.com as message host

Again, we’ve noticed a massive wave of spam messages, all related to medicine, pharmacy and pornographic articles, that have filled our email traps. A summary of the latest spam activity in the wild:
- Spammers write the message to an image and then the image is used as an attachment (general extensions used are .PNG, [...]

Filed under: Anti Fraud

PlayMP3Z.biz Adware

PlayMP3Z.biz is a new adware program that displays annoying popups. This software also installs a BHO (Browser Helper Object) that can control your Internet Explorer web browser, as well as other malicious executable files.

After the execution of the file installer.exe we noticed new Internet traffic on port 80:

GET /request?stage=install&request=27276269 HTTP/1.1
User-Agent: Mozilla
Host: playmp3z.biz
Cache-Control: no-cache

As output we received various [...]

Filed under: Rogue Software

Spam Campaigns go for RTF Documents

A new spam strategy is in the wild. We mentioned in a recent article that spammers were using a new trick to bypass anti-spam filters by putting the text in an image and sending the image as an attached file. Now it seems that they have changed from images to RTF documents:

The attached file contains a redirect [...]

Filed under: Anti Fraud
© 2009 - NoVirusThanks.org | All rights reserved.